https://github.com/dyne/redroom

Zenroom crypto module for Redis
https://github.com/dyne/redroom

crypto cryptography password redis redis-module security

Last synced: 3 days ago
JSON representation

Zenroom crypto module for Redis

• Host: GitHub
• URL: https://github.com/dyne/redroom
• Owner: dyne
• License: agpl-3.0
• Created: 2019-06-28T09:32:23.000Z (over 5 years ago)
• Default Branch: master
• Last Pushed: 2020-11-25T12:01:22.000Z (almost 4 years ago)
• Last Synced: 2024-05-02T21:55:21.630Z (7 months ago)
• Topics: crypto, cryptography, password, redis, redis-module, security
• Language: C
• Size: 309 KB
• Stars: 7
• Watchers: 4
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Contributing: CONTRIBUTING.md
  • License: LICENSE.txt

Awesome Lists containing this project

README

        
# Easy crypto for Redis

RedRoom is powered by the [Zenroom crypto VM](https://zenroom.dyne.org) to bring easy to use yet advanced **cryptographic functions in Redis**.

This software is in **ALPHA** stage and published for preview.

The main use-case covered is that of **secure password storage** using hashes inside username keys and check if password matches.

Future plans and low hanging fruits:

- **authenticated private messaging** using encrypted PUB/SUB channels with asymmetric keypairs

- **brute-force resistant hashing** with alternatives to SHA512 that cannot run on GPUs

We are open to more ideas: don't hesitate to show us your interest, it motivates us!

##  Supported platforms



RedRoom is developed and tested on Linux, Windows and Mac OS.





RedRoom runs fine on ARM, i386 and x86_64 CPUs.



The Zenroom crypto engine at

the core of RedRoom is portable to:





 native iOS framework





 native Android library





 Javascript and WebAssembly





 Cortex chips



 ... even more targets





##  Commands

All commands provided by Redroom are prefixed with `ZENROOM.` or `ZENCODE.`

### ZENROOM.EXEC

```

ZENROOM.EXEC SCRIPT DESTINATION [ KEYS DATA ]

```

Execute the contents stored in key `SCRIPT` using the Zenroom VM language based on Lua, then stores the result in key `DESTINATION`; the execution is passed two arguments, the contents of keys `KEYS` and `DATA`.

### ZENCODE.EXEC

```

ZENCODE.EXEC ZENCODE DESTINATION [ KEYS DATA ]

```

Execute the human language instructions stored in the key `ZENCODE` using the Zenroom VM, then stores the result in key `DESTINATION`; the execution is passed two arguments, the contents of keys `KEYS` and `DATA`. For more information on the human language used see [Zencode: Smart contracts for the English speaker](https://decodeproject.eu/blog/smart-contracts-english-speaker).

### ZENROOM.SETPASS

```

ZENROOM.SETPASS USERNAME PASSWORD

```

Safely stores the string `PASSWORD` hashed using SHA512 and KDF inside key `USERNAME` (base64 encoded). Username keys will not contain actual password strings, but hashes that are only useful to verify if the password given at a login is correct, using `ZENROOM.CHECKPASS`.

The Zenroom code used is: `write(ECDH.kdf(HASH.new('sha512'),'%s'):base64())`

### ZENROOM.CHECKPASS

```

ZENROOM.CHECKPASS USERNAME PASSWORD

```

Checks that the key `USERNAME` is existing and its contents match the `PASSWORD` string when hashed using SHA512 and KDF.

## BENCHMARK

A port of redis-benchmark is provided and builds with target `make check`.

Performance of `ZENROOM.SETPASS` can be tested with:

```

./benchmark -t zenroom.setpwd -n 1000 -r 1000

```

On a fifth gen i5 (2.4GHz) running Redis 5 leads to approximately 222 requests per second, each one executing several SHA512 based KDF iterations on each string.

![RedRoom logo](https://redroom.dyne.org/img/redroom-trans.png)

## Acknowledgements

RedRoom is Copyright (C) 2019 by the [Dyne.org](https://www.dyne.org) foundation

Written and maintained by Denis Roio  and co-designed with Andrea D'Intino

## License

    RedRoom is Copyright (c) 2019 by the Dyne.org foundation

    

    This program is free software: you can redistribute it and/or modify

    it under the terms of the GNU Affero General Public License as

    published by the Free Software Foundation, either version 3 of the

    License, or (at your option) any later version.

    

    This program is distributed in the hope that it will be useful,

    but WITHOUT ANY WARRANTY; without even the implied warranty of

    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

    GNU Affero General Public License for more details.

    

    You should have received a copy of the GNU Affero General Public License

    along with this program.  If not, see .